From: Simon McVittie Date: Wed, 29 Jun 2011 15:44:33 +0000 (+0100) Subject: bus signal_handler: call _exit in the unlikely event that the pipe is full or invalid X-Git-Tag: dbus-1.4.16~39 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=ba2892396a6a3cfae7482e7d42d0a491eb2e723a;p=platform%2Fupstream%2Fdbus.git bus signal_handler: call _exit in the unlikely event that the pipe is full or invalid On OSs with abstract sockets, this is close enough. On OSs without abstract sockets, this results in failing to clean up Unix sockets in /tmp if someone has sent us thousands of SIGHUP signals since we last entered the main loop - I think that's acceptable. The reload pipe should never get closed, but if it is for some reason, we want a SIGTERM after that to cause an exit too. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=38656 Reviewed-by: Will Thompson --- diff --git a/bus/main.c b/bus/main.c index b35ccf6..47f38c8 100644 --- a/bus/main.c +++ b/bus/main.c @@ -101,13 +101,19 @@ signal_handler (int sig) DBusString str; char action[2] = { ACTION_QUIT, '\0' }; _dbus_string_init_const (&str, action); - if ((reload_pipe[RELOAD_WRITE_END] > 0) && + if ((reload_pipe[RELOAD_WRITE_END] < 0) || !_dbus_write_socket (reload_pipe[RELOAD_WRITE_END], &str, 0, 1)) { + /* If we can't write to the socket, dying seems a more + * important response to SIGTERM than cleaning up sockets, + * so we exit. We'd use exit(), but that's not async-signal-safe, + * so we'll have to resort to _exit(). */ static const char message[] = - "Unable to write to reload pipe - buffer full?\n"; + "Unable to write termination signal to pipe - buffer full?\n" + "Will exit instead.\n"; write (STDERR_FILENO, message, strlen (message)); + _exit (1); } } break;
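Review bot: in the SIGTERM branch of signal_handler, the new fallback is only reached when `!_dbus_write_socket (reload_pipe[RELOAD_WRITE_END], &str, 0, 1)` is true, that is, when the call returns 0. This hunk does not show the function's return convention. If it reports a failed write as -1 rather than 0, a full pipe would skip both the message and `_exit (1)`, which is the case the commit sets out to handle. Please confirm the convention, and if it is a byte count, compare against the expected length (`!= 1`) instead of negating. Two smaller points in the same block: the message still asks "buffer full?" when the branch was entered because `reload_pipe[RELOAD_WRITE_END] < 0`, so a closed pipe is reported as a full one, and a separate message for the invalid-descriptor case would make the log accurate. And since the added comment is explicit about async-signal-safety, `sizeof (message) - 1` would be a safer length argument to `write` than `strlen (message)`, because `message` is a static array and the length is then a compile-time constant with no library call in the handler.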